Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:2808-1
Rating:	important
References:	bsc#1065729 bsc#1160435 bsc#1174852 bsc#1190317 bsc#1205758 bsc#1208600 bsc#1208604 bsc#1209039 bsc#1209779 bsc#1210533 bsc#1211519 bsc#1212051 bsc#1212128 bsc#1212129 bsc#1212154 bsc#1212158 bsc#1212164 bsc#1212165 bsc#1212167 bsc#1212170 bsc#1212173 bsc#1212175 bsc#1212185 bsc#1212236 bsc#1212240 bsc#1212244 bsc#1212266 bsc#1212443 bsc#1212501 bsc#1212502 bsc#1212606 bsc#1212701 bsc#1212842 bsc#1212938
Cross-References:	CVE-2023-1077 CVE-2023-1079 CVE-2023-1249 CVE-2023-1637 CVE-2023-2002 CVE-2023-3090 CVE-2023-3111 CVE-2023-3141 CVE-2023-3159 CVE-2023-3161 CVE-2023-3268 CVE-2023-3358 CVE-2023-35824
CVSS scores:	CVE-2023-1077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1077 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1079 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1079 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-1249 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2023-1249 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-1637 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L CVE-2023-1637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-2002 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-2002 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2023-3090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3111 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-3111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3141 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2023-3141 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-3159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3159 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-3161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3161 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3268 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L CVE-2023-3268 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2023-3358 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3358 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-35824 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-35824 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 13 vulnerabilities and has 21 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).
• CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device (bsc#1208604).
• CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
• CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).
• CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210533).
• CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
• CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051).
• CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
• CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
• CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
• CVE-2023-3268: Fixed an out of bounds (OOB) memory access flaw in relay_file_read_start_pos in kernel/relay.c (bsc#1212502).
• CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606).
• CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).

The following non-security bugs were fixed:

• Also include kernel-docs build requirements for ALP
• Avoid unsuported tar parameter on SLE12
• CDC-NCM: avoid overflow in sanity checking (git-fixes).
• CIFS: Spelling s/EACCESS/EACCES/ (bsc#1190317).
• Decrease the number of SMB3 smbdirect client SGEs (bsc#1190317).
• Fix formatting of client smbdirect RDMA logging (bsc#1190317).
• Fix missing top level chapter numbers on SLE12 SP5 (bsc#1212158).
• Generalize kernel-doc build requirements.
• Handle variable number of SGEs in client smbdirect send (bsc#1190317).
• Move obsolete KMP list into a separate file. The list of obsoleted KMPs varies per release, move it out of the spec file.
• Move setting %%build_html to config.sh
• Move setting %%split_optional to config.sh
• Move setting %%supported_modules_check to config.sh
• Move the kernel-binary conflicts out of the spec file. Thie list of conflicting packages varies per release. To reduce merge conflicts move the list out of the spec file.
• PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (git-fixes).
• PCI/MSI: Destroy sysfs before freeing entries (git-fixes).
• PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() (git-fixes).
• PCI/MSI: Mask MSI-X vectors only on success (git-fixes).
• PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros (git-fixes).
• PCI: aardvark: Clear all MSIs at setup (git-fixes).
• PCI: aardvark: Do not clear status bits of masked interrupts (git-fixes).
• PCI: aardvark: Do not unmask unused interrupts (git-fixes).
• PCI: aardvark: Fix return value of MSI domain .alloc() method (git-fixes).
• PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG (git-fixes).
• PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros (git-fixes).
• PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).
• PCI: pciehp: Fix infinite loop in IRQ handler upon power fault (git-fixes).
• README.BRANCH: Add Miroslav Franc as a co-maintainer
• Reduce client smbdirect max receive segment size (bsc#1190317).
• Squashfs: fix handling and sanity checking of xattr_ids count (git-fixes).
• Trim obsolete KMP list. SLE11 is out of support, we do not need to handle upgrading from SLE11 SP1.
• USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
• USB: core: hub: disable autosuspend for TI TUSB8041 (git-fixes).
• USB: hub: Fix the broken detection of USB3 device in SMSC hub (git-fixes).
• USB: idmouse: fix an uninit-value in idmouse_open (git-fixes).
• USB: serial: option: add Quectel EM05-G (CS) modem (git-fixes).
• USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
• USB: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller.
• USB: xhci: rework grace period logic (git-fixes).
• affs: initialize fsdata in affs_truncate() (git-fixes).
• bnx2x: Check if transceiver implements DDM before access (git-fixes).
• bnxt_en: Fix mqprio and XDP ring checking logic (git-fixes).
• bnxt_en: Fix typo in PCI id to device description string mapping (git-fixes).
• bnxt_en: Query default VLAN before VNIC setup on a VF (git-fixes).
• bnxt_en: Remove debugfs when pci_register_driver failed (git-fixes).
• bnxt_en: fix NQ resource accounting during vf creation on 57500 chips (git-fixes).
• bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer (git-fixes).
• bnxt_en: reclaim max resources if sriov enable fails (git-fixes).
• ceph: fix use-after-free bug for inodes when flushing capsnaps (bsc#1212938).
• cifs: Add helper function to check smb1+ server (bsc#1190317).
• cifs: Convert struct fealist away from 1-element array (bsc#1190317).
• cifs: Fix connections leak when tlink setup failed (bsc#1190317).
• cifs: Fix lost destroy smbd connection when MR allocate failed (bsc#1190317).
• cifs: Fix memory leak when build ntlmssp negotiate blob failed (bsc#1190317).
• cifs: Fix oops due to uncleared server->smbd_conn in reconnect (bsc#1190317).
• cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() (bsc#1190317).
• cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() (bsc#1190317).
• cifs: Fix smb2_set_path_size() (bsc#1190317).
• cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message (bsc#1190317).
• cifs: Fix uninitialized memory read for smb311 posix symlink create (bsc#1190317).
• cifs: Fix uninitialized memory read in smb3_qfs_tcon() (bsc#1190317).
• cifs: Fix uninitialized memory reads for oparms.mode (bsc#1190317).
• cifs: Fix use-after-free in rdata->read_into_pages() (bsc#1190317).
• cifs: Fix warning and UAF when destroy the MR list (bsc#1190317).
• cifs: Fix wrong return value checking when GETFLAGS (bsc#1190317).
• cifs: Fix xid leak in cifs_copy_file_range() (bsc#1190317).
• cifs: Fix xid leak in cifs_create() (bsc#1190317).
• cifs: Fix xid leak in cifs_flock() (bsc#1190317).
• cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (bsc#1190317).
• cifs: Move the in_send statistic to __smb_send_rqst() (bsc#1190317).
• cifs: Remove duplicated include in cifsglob.h (bsc#1190317).
• cifs: Replace zero-length arrays with flexible-array members (bsc#1190317).
• cifs: Use help macro to get the header preamble size (bsc#1190317).
• cifs: Use help macro to get the mid header size (bsc#1190317).
• cifs: Use kstrtobool() instead of strtobool() (bsc#1190317).
• cifs: add check for returning value of SMB2_close_init (bsc#1190317).
• cifs: add check for returning value of SMB2_set_info_init (bsc#1190317).
• cifs: add missing spinlock around tcon refcount (bsc#1190317).
• cifs: always initialize struct msghdr smb_msg completely (bsc#1190317).
• cifs: avoid re-lookups in dfs_cache_find() (bsc#1190317).
• cifs: avoid use of global locks for high contention data (bsc#1190317).
• cifs: destage dirty pages before re-reading them for cache=none (bsc#1190317).
• cifs: do not include page data when checking signature (bsc#1190317).
• cifs: do not send down the destination address to sendmsg for a SOCK_STREAM (bsc#1190317).
• cifs: do not take exclusive lock for updating target hints (bsc#1190317).
• cifs: do not try to use rdma offload on encrypted connections (bsc#1190317).
• cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL (bsc#1190317).
• cifs: fix confusing debug message (bsc#1190317).
• cifs: fix double free on failed kerberos auth (bsc#1190317).
• cifs: fix double-fault crash during ntlmssp (bsc#1190317).
• cifs: fix indentation in make menuconfig options (bsc#1190317).
• cifs: fix memory leaks in session setup (bsc#1190317).
• cifs: fix missing display of three mount options (bsc#1190317).
• cifs: fix mount on old smb servers (bsc#1190317).
• cifs: fix oops during encryption (bsc#1190317).
• cifs: fix pcchunk length type in smb2_copychunk_range (bsc#1190317).
• cifs: fix potential deadlock in cache_refresh_path() (bsc#1190317).
• cifs: fix potential memory leaks in session setup (bsc#1190317).
• cifs: fix race in assemble_neg_contexts() (bsc#1190317).
• cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() (bsc#1190317).
• cifs: fix small mempool leak in SMB2_negotiate() (bsc#1190317).
• cifs: fix use-after-free caused by invalid pointer hostname (bsc#1190317).
• cifs: fix various whitespace errors in headers (bsc#1190317).
• cifs: get rid of dns resolve worker (bsc#1190317).
• cifs: get rid of unneeded conditional in cifs_get_num_sgs() (bsc#1190317).
• cifs: handle cache lookup errors different than -ENOENT (bsc#1190317).
• cifs: ignore ipc reconnect failures during dfs failover (bsc#1190317).
• cifs: introduce cifs_io_parms in smb2_async_writev() (bsc#1190317).
• cifs: lease key is uninitialized in smb1 paths (bsc#1190317).
• cifs: lease key is uninitialized in two additional functions when smb1 (bsc#1190317).
• cifs: match even the scope id for ipv6 addresses (bsc#1190317).
• cifs: minor cleanup of some headers (bsc#1190317).
• cifs: misc: fix spelling typo in comment (bsc#1190317).
• cifs: prevent copying past input buffer boundaries (bsc#1190317).
• cifs: prevent data race in cifs_reconnect_tcon() (bsc#1190317).
• cifs: prevent data race in smb2_reconnect() (bsc#1190317).
• cifs: prevent infinite recursion in CIFSGetDFSRefer() (bsc#1190317).
• cifs: print last update time for interface list (bsc#1190317).
• cifs: protect access of TCP_Server_Info::{dstaddr,hostname} (bsc#1190317).
• cifs: remove ->writepage (bsc#1190317).
• cifs: remove duplicate code in __refresh_tcon() (bsc#1190317).
• cifs: remove initialization value (bsc#1190317).
• cifs: remove redundant assignment to the variable match (bsc#1190317).
• cifs: remove unneeded 2bytes of padding from smb2 tree connect (bsc#1190317).
• cifs: return ENOENT for DFS lookup_cache_entry() (bsc#1190317).
• cifs: return correct error in ->calc_signature() (bsc#1190317).
• cifs: reuse cifs_match_ipaddr for comparison of dstaddr too (bsc#1190317).
• cifs: revalidate mapping when doing direct writes (bsc#1190317).
• cifs: sanitize paths in cifs_update_super_prepath (bsc#1190317).
• cifs: secmech: use shash_desc directly, remove sdesc (bsc#1190317).
• cifs: set correct ipc status after initial tree connect (bsc#1190317).
• cifs: set correct tcon status after initial tree connect (bsc#1190317).
• cifs: set resolved ip in sockaddr (bsc#1190317).
• cifs: skip alloc when request has no pages (bsc#1190317).
• cifs: skip extra NULL byte in filenames (bsc#1190317).
• cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1190317).
• cifs: split out smb3_use_rdma_offload() helper (bsc#1190317).
• cifs: stop using generic_writepages (bsc#1190317).
• cifs: update Kconfig description (bsc#1190317).
• cifs: update internal module number (bsc#1190317).
• cifs: use ALIGN() and round_up() macros (bsc#1190317).
• cifs: use stub posix acl handlers (bsc#1190317).
• cifs_atomic_open(): fix double-put on late allocation failure (bsc#1190317).
• coda: add error handling for fget (git-fixes).
• coda: fix build using bare-metal toolchain (git-fixes).
• coda: pass the host file in vma->vm_file on mmap (git-fixes).
• cxgb4: fix a memory leak bug (git-fixes).
• dim: initialize all struct fields (bsc#1174852).
• e1000e: Correct NVM checksum verification flow (git-fixes).
• e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).
• e1000e: Fix TX dispatch condition (git-fixes).
• e1000e: Fix possible overflow in LTR decoding (git-fixes).
• fs/adfs: super: fix use-after-free bug (git-fixes).
• fs/affs: release old buffer head on error path (git-fixes).
• fs/hfs/extent.c: fix array out of bounds read of array extent (git-fixes).
• fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle() (git-fixes).
• fs/ufs: avoid potential u32 multiplication overflow (git-fixes).
• fs: hfsplus: fix UAF issue in hfsplus_put_super (git-fixes).
• fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc() (git-fixes).
• fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock() (git-fixes).
• fs: sysv: Fix sysv_nblocks() returns wrong value (git-fixes).
• google/gve:fix repeated words in comments (bsc#1211519).
• gve: Adding a new AdminQ command to verify driver (bsc#1211519).
• gve: Cache link_speed value from device (bsc#1211519).
• gve: Fix GFP flags when allocing pages (bsc#1211519).
• gve: Fix error return code in gve_prefill_rx_pages() (bsc#1211519).
• gve: Fix spelling mistake "droping" -> "dropping" (bsc#1211519).
• gve: Handle alternate miss completions (bsc#1211519).
• gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519).
• gve: Remove the code of clearing PBA bit (bsc#1211519).
• gve: Secure enough bytes in the first TX desc for all TCP pkts (bsc#1211519).
• gve: enhance no queue page list detection (bsc#1211519).
• hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling (git-fixes).
• hfs/hfsplus: use WARN_ON for sanity check (git-fixes).
• hfs: Fix OOB Write in hfs_asc2mac (git-fixes).
• hfs: add lock nesting notation to hfs_find_init (git-fixes).
• hfs: add missing clean-up in hfs_fill_super (git-fixes).
• hfs: fix BUG on bnode parent update (git-fixes).
• hfs: fix OOB Read in __hfs_brec_find (git-fixes).
• hfs: fix high memory mapping in hfs_bnode_read (git-fixes).
• hfs: fix missing hfs_bnode_get() in __hfs_bnode_create (git-fixes).
• hfs: fix return value of hfs_get_block() (git-fixes).
• hfs: prevent btree data loss on ENOSPC (git-fixes).
• hfs: update timestamp on truncate() (git-fixes).
• hfsplus: fix BUG on bnode parent update (git-fixes).
• hfsplus: fix bug causing custom uid and gid being unable to be assigned with mount (git-fixes).
• hfsplus: fix crash and filesystem corruption when deleting files (git-fixes).
• hfsplus: fix return value of hfsplus_get_block() (git-fixes).
• hfsplus: prevent btree data loss on ENOSPC (git-fixes).
• hfsplus: update timestamps on truncate() (git-fixes).
• igb: Add lock to avoid data race (git-fixes).
• igb: Allocate MSI-X vector when testing (git-fixes).
• igb: Enable SR-IOV after reinit (git-fixes).
• igb: Initialize mailbox message for VF reset (git-fixes).
• igb: Make DMA faster when CPU is active on the PCIe link (git-fixes).
• igb: fix bit_shift to be in [1..8] range (git-fixes).
• igb: fix netpoll exit with traffic (git-fixes).
• igb: fix nvm.ops.read() error handling (git-fixes).
• igb: skip phy status check where unavailable (git-fixes).
• igbvf: Regard vf reset nack as success (git-fixes).
• igbvf: fix double free in igbvf_probe (git-fixes).
• igc: Fix BUG: scheduling while atomic (git-fixes).
• igc: Fix infinite loop in release_swfw_sync (git-fixes).
• igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).
• igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).
• intel/igbvf: free irq on the error path in igbvf_request_msix() (git-fixes).
• ipv4: fix uninit-value in ip_route_output_key_hash_rcu() (git-fixes).
• ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero (git-fixes).
• ixgbe: Allow flow hash to be set via ethtool (git-fixes).
• ixgbe: Check DDM existence in transceiver before access (git-fixes).
• ixgbe: Enable setting RSS table to default values (git-fixes).
• ixgbe: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).
• ixgbe: ensure IPsec VF<->PF compatibility (git-fixes).
• ixgbe: fix bcast packets Rx on VF after promisc removal (git-fixes).
• ixgbe: fix pci device refcount leak (git-fixes).
• ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
• ixgbe: set X550 MDIO speed before talking to PHY (git-fixes).
• ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter (git-fixes).
• kprobes: Do not call BUG_ON() if there is a kprobe in use on free list (git-fixes).
• kprobes: Do not use local variable when creating debugfs file (git-fixes).
• kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
• kprobes: Fix check for probe enabled in kill_kprobe() (git-fixes).
• kprobes: Fix error check when reusing optimized probes (git-fixes).
• kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic (git-fixes).
• kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
• kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list (git-fixes).
• kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex (git-fixes).
• kprobes: Forbid probing on trampoline and BPF code areas (git-fixes).
• kprobes: Prohibit probes in gate area (git-fixes).
• kprobes: Prohibit probing on BUG() and WARN() address (git-fixes).
• kprobes: Remove pointless BUG_ON() from reuse_unused_kprobe() (git-fixes).
• kprobes: Set unoptimized flag after unoptimizing code (git-fixes).
• kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y (git-fixes).
• kprobes: do not call disarm_kprobe() for disabled kprobes (git-fixes).
• kprobes: fix kill kprobe which has been marked as gone (git-fixes).
• kretprobe: Avoid re-registration of the same kretprobe earlier (git-fixes).
• l2tp: hold reference on tunnels in netlink dumps (git-fixes).
• l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file (git-fixes).
• l2tp: hold reference on tunnels printed in pppol2tp proc file (git-fixes).
• mlx5: count all link events (git-fixes).
• net/ethernet/qlogic/qed: force the string buffer NULL-terminated (git-fixes).
• net/mlx4: Check retval of mlx4_bitmap_init (git-fixes).
• net/mlx4_en: Do not allow aRFS for encapsulated packets (git-fixes).
• net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() (git-fixes).
• net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (git-fixes).
• net/mlx4_en: Resolve bad operstate value (git-fixes).
• net/usb/drivers: Remove useless hrtimer_active check (git-fixes).
• net: axienet: Fix race condition causing TX hang (git-fixes).
• net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (git-fixes).
• net: cdc_ncm: remove set but not used variable 'ctx' (git-fixes).
• net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' (git-fixes).
• net: dev: Use unsigned integer as an argument to left-shift (git-fixes).
• net: fec: fix rare tx timeout (git-fixes).
• net: fix warning in af_unix (git-fixes).
• net: hisilicon: Fix "Trying to free already-free IRQ" (git-fixes).
• net: ks8851: Dequeue RX packets explicitly (git-fixes).
• net: macb: Clean 64b dma addresses if they are not detected (git-fixes).
• net: marvell: mvneta: fix DMA debug warning (git-fixes).
• net: myri10ge: fix memory leaks (git-fixes).
• net: set static variable an initial value in atl2_probe() (git-fixes).
• net: thunderx: make CFG_DONE message to run through generic send-ack sequence (git-fixes).
• net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 (git-fixes).
• netfilter: x_tables: add and use xt_check_proc_name (git-fixes).
• netlabel: If PF_INET6, check sk_buff ip header version (git-fixes).
• ocfs2/dlm: do not handle migrate lockres if already in shutdown (git-fixes).
• ocfs2: call journal flush to mark journal as empty after journal recovery when mount (git-fixes).
• ocfs2: clear dinode links count in case of error (git-fixes).
• ocfs2: clear journal dirty flag after shutdown journal (git-fixes).
• ocfs2: clear zero in unaligned direct IO (git-fixes).
• ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (git-fixes).
• ocfs2: do not clear bh uptodate for block read (git-fixes).
• ocfs2: do not put and assigning null to bh allocated outside (git-fixes).
• ocfs2: fix BUG when iput after ocfs2_mknod fails (git-fixes).
• ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans() (git-fixes).
• ocfs2: fix a panic problem caused by o2cb_ctl (git-fixes).
• ocfs2: fix clusters leak in ocfs2_defrag_extent() (git-fixes).
• ocfs2: fix deadlock caused by ocfs2_defrag_extent() (git-fixes).
• ocfs2: fix defrag path triggering jbd2 ASSERT (git-fixes).
• ocfs2: fix memory leak in ocfs2_stack_glue_init() (git-fixes).
• ocfs2: fix non-auto defrag path not working issue (git-fixes).
• ocfs2: fix panic due to unrecovered local alloc (git-fixes).
• ocfs2: fix potential use after free (git-fixes).
• ocfs2: remove set but not used variable 'last_hash' (git-fixes).
• ocfs2: take inode cluster lock before moving reflinked inode from orphan dir (git-fixes).
• ocfs2: wait for recovering done after direct unlock request (git-fixes).
• openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS (git-fixes).
• powerpc/64s/radix: Fix soft dirty tracking (bsc#1065729).
• powerpc/iommu: Limit number of TCEs to 512 for H_STUFF_TCE hcall (bsc#1212701).
• put quirk_disable_autosuspend into a hole (git-fixes).
• qed: Add cleanup in qed_slowpath_start() (git-fixes).
• qed: RDMA - Fix the hw_ver returned in device attributes (git-fixes).
• reiserfs: Add missing calls to reiserfs_security_free() (git-fixes).
• reiserfs: Add security prefix to xattr name in reiserfs_security_write() (git-fixes).
• reiserfs: Fix memory leak in reiserfs_parse_options() (git-fixes).
• reiserfs: add check for invalid 1st journal block (git-fixes).
• reiserfs: add check for root_inode in reiserfs_fill_super (git-fixes).
• reiserfs: change j_timestamp type to time64_t (git-fixes).
• reiserfs: check directory items on read from disk (git-fixes).
• reiserfs: only call unlock_new_inode() if I_NEW (git-fixes).
• reiserfs: prevent NULL pointer dereference in reiserfs_insert_item() (git-fixes).
• reiserfs: propagate errors from fill_with_dentries() properly (git-fixes).
• revert "squashfs: harden sanity check in squashfs_read_xattr_id_table" (git-fixes).
• rpm/kernel-binary.spec.in: Fix compatibility wth newer rpm
• rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error (bsc#1160435)
• s390/ctcm: Fix return type of ctc{mp,}m_tx() (git-fixes bsc#1212185).
• s390/dasd: Use correct lock while counting channel queue length (LTC#202775 bsc#1212443).
• s390/dasd: fix hanging blockdevice after request requeue (git-fixes bsc#1212165).
• s390/dasd: fix no record found for raw_track_access (git-fixes bsc#1212266).
• s390/kasan: avoid vdso instrumentation (git-fixes bsc#1212244).
• s390/kprobes: fix current_kprobe never cleared after kprobes reenter (git-fixes bsc#1212167).
• s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler (git-fixes bsc#1212170).
• s390/lcs: Fix return type of lcs_start_xmit() (git-fixes bsc#1212173).
• s390/netiucv: Fix return type of netiucv_tx() (git-fixes bsc#1212175).
• s390/qdio: fix do_sqbs() inline assembly constraint (git-fixes bsc#1212164).
• s390/smsgiucv: disable SMSG on module unload (git-fixes bsc#1212236).
• samples/kretprobes: Fix return value if register_kretprobe() failed (git-fixes).
• sched/core: Use smp_mb() in wake_woken_function() (git-fixes)
• sched/fair: Fix util_avg of new tasks for asymmetric systems (git-fixes)
• scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).
• scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).
• scsi: core: Improve scsi_vpd_inquiry() checks (git-fixes).
• scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).
• scsi: ipr: Work around fortify-string warning (git-fixes).
• scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).
• scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (git-fixes).
• scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS (git-fixes).
• scsi: megaraid_sas: Fix crash after a double completion (git-fixes).
• scsi: megaraid_sas: Fix fw_crash_buffer_show() (git-fixes).
• scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).
• scsi: mpt3sas: Fix a memory leak (git-fixes).
• scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).
• scsi: ses: Do not attach if enclosure has no components (git-fixes).
• scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).
• scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).
• scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).
• scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).
• scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger (git-fixes bsc#1212240).
• smb3: fix oops in calculating shash_setkey (bsc#1190317).
• smb3: fix problem remounting a share after shutdown (bsc#1190317).
• smb3: fix temporary data corruption in collapse range (bsc#1190317).
• smb3: fix temporary data corruption in insert range (bsc#1190317).
• smb3: improve SMB3 change notification support (bsc#1190317).
• smb3: must initialize two ACL struct fields to zero (bsc#1190317).
• smb3: rename encryption/decryption TFMs (bsc#1190317).
• squashfs: harden sanity check in squashfs_read_xattr_id_table (git-fixes).
• sysv: use BUILD_BUG_ON instead of runtime check (git-fixes).
• uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers (git-fixes).
• update internal module version number for cifs.ko (bsc#1190317).
• x86/kprobes: Fix __recover_optprobed_insn check optimizing logic (git-fixes).
• x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range (git-fixes).
• xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems (git-fixes).
• xfs: fix rm_offset flag handling in rmap keys (git-fixes).
• xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2808=1
• SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2808=1
• SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2808=1

Package List:

• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64)
  • kernel-azure-4.12.14-16.139.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  • kernel-azure-debugsource-4.12.14-16.139.1
  • kernel-azure-base-debuginfo-4.12.14-16.139.1
  • kernel-azure-base-4.12.14-16.139.1
  • kernel-syms-azure-4.12.14-16.139.1
  • kernel-azure-debuginfo-4.12.14-16.139.1
  • kernel-azure-devel-4.12.14-16.139.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  • kernel-source-azure-4.12.14-16.139.1
  • kernel-devel-azure-4.12.14-16.139.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64)
  • kernel-azure-4.12.14-16.139.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  • kernel-azure-debugsource-4.12.14-16.139.1
  • kernel-azure-base-debuginfo-4.12.14-16.139.1
  • kernel-azure-base-4.12.14-16.139.1
  • kernel-syms-azure-4.12.14-16.139.1
  • kernel-azure-debuginfo-4.12.14-16.139.1
  • kernel-azure-devel-4.12.14-16.139.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  • kernel-source-azure-4.12.14-16.139.1
  • kernel-devel-azure-4.12.14-16.139.1
• SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64)
  • kernel-azure-4.12.14-16.139.1
• SUSE Linux Enterprise Server 12 SP5 (x86_64)
  • kernel-azure-debugsource-4.12.14-16.139.1
  • kernel-azure-base-debuginfo-4.12.14-16.139.1
  • kernel-azure-base-4.12.14-16.139.1
  • kernel-syms-azure-4.12.14-16.139.1
  • kernel-azure-debuginfo-4.12.14-16.139.1
  • kernel-azure-devel-4.12.14-16.139.1
• SUSE Linux Enterprise Server 12 SP5 (noarch)
  • kernel-source-azure-4.12.14-16.139.1
  • kernel-devel-azure-4.12.14-16.139.1

References:

• https://www.suse.com/security/cve/CVE-2023-1077.html
• https://www.suse.com/security/cve/CVE-2023-1079.html
• https://www.suse.com/security/cve/CVE-2023-1249.html
• https://www.suse.com/security/cve/CVE-2023-1637.html
• https://www.suse.com/security/cve/CVE-2023-2002.html